Senior Application Security Engineer
Boston
Applications have closed
SimpliSafe
Shop award-winning home security systems from SimpliSafe. Professional monitoring, protection from break-ins and hazards, and no contracts.
As a Senior Application Security Engineer, you will partner with the larger engineering organization to design, implement, and configure real-time security controls to protect physical and information assets.
You will deepen your knowledge of application security concepts as you perform thorough data sanitization or learn the internals of AES encryption.
With our strong security-conscious culture, you will frequently face captivating security challenges that will require you to balance the practical needs of the business with strong security controls.
Strong candidates will have experience in governance, risk, and compliance strategies, but will have a preference toward the technical details. They will be comfortable with at least one scripting language and have proficiency in cloud infrastructure management on platforms such as Google Cloud or AWS.
In this role, you will:
- Deploy and manage security tools to cloud infrastructure platforms such as Google Cloud or AWS
- Complement compliance team efforts with technical feedback and support
- Operate in a security architect and/or evangelist capacity to inform network, host-level, IoT, mobile, and application development strategies
- Design and implement technical security measures to support policies and prove compliance
- Collect security-related metrics and increase security visibility across the organization
- Guide “shift-left” paradigm adoption by strategically introducing security testing mechanisms into our CI/CD pipelines (SAST, DAST, RASP, and/or IAST)
- Establish SDLC/OSS compliance system based on automated scanning and categorization
- Identify appropriate IPS/IDS tooling and install/configure accordingly
- Assist in the mitigation of DDoS, brute-force, or MitM attack vectors
- Detect and lead remediation of XSS/CSRF/SQLi vulnerabilities
- Standardize compliance-related logging using a SIEM or other mechanism
- Teach and share knowledge of the OWASP Top 10 and/or SANS Top 25
- Contribute to IdP/SSO/endpoint management efforts
- Track latest security trends in MacBook, Chromebook, and/or Linux hosts
You should be/have:
- Eager to engage in a role that demands software engineering skills and the ability to consistently execute on solutions
- A love of building relationships with teammates across multiple functional business units
- No shortage of incident response war stories to share; even better if they include executive-level engagement
- Always vigilant in considering the impact to business operations when identifying and implementing new security processes
- Willing to navigate ambiguity with humility, understanding, and a growth mindset
- Several years of experience with at least one scripting language, and at home operating a terminal emulator
- Firsthand experience deploying web services to AWS (or another cloud service provider)
- Bonus points for working knowledge of Node.js, Python, MySQL, Mongo, Ansible, Docker, Route53, ECS, and/or Lambda
- Background in PCI and/or GDPR compliance is a plus
Why work for SimpliSafe:
At SimpliSafe, we place an emphasis on a ‘no-ego’, collaborative culture. From the top down, we all work together to solve the difficult challenges within the home security and IoT industry. We have recently been named in Built In Boston’s ‘Best Places to Work in 2019’ list and in Wealthfront’s ‘2019 Career Launching Companies’ list. Like our products, we are constantly evolving to provide the best employment experience possible. If SimpliSafe sounds like a company you’d enjoy working for, we’d love to hear from you!
Benefits & Perks:
- Health, dental and vision coverage - We cover 85% of plans and offer excellent BCBS HMO/PPO Health plans
- Unlimited paid time off - To give you the flexibility and work/life balance you seek
- 401k Matching and Company Equity - To help you prepare for the future
- Beer Fridays, Bagel Thursdays, Bi-Weekly Lunches
- Team and Company Outings – We know how to have fun! Besides, who doesn’t like free food and drinks?!
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Tags: AES Ansible Application security AWS CI/CD Cloud Compliance CSRF DAST DDoS Docker Encryption GCP GDPR Governance IDS Incident response IPS Lambda Linux MySQL Node.js OWASP Python SANS SAST Scripting SDLC SIEM SSO Vulnerabilities XSS
Perks/benefits: Career development Gear Health care Lunch / meals Salary bonus Team events Unlimited paid time off